CN111628861A - Object sharing system and method - Google Patents


Info

Publication number: CN111628861A
Application number: CN201910261890.4A
Authority: CN (China)
Prior art keywords: shared, key, secret information, secret, data
Legal status: Granted (as listed by Google Patents; an assumption, not a legal conclusion)
Other languages: Chinese (zh)
Other versions: CN111628861B (en)
Inventor: 孙珀玲
Current assignee: Industrial Technology Research Institute ITRI (as listed by Google Patents; may be inaccurate)
Original assignee: Industrial Technology Research Institute ITRI
Events: application filed by Industrial Technology Research Institute ITRI; publication of CN111628861A; application granted; publication of CN111628861B; legal status: active; anticipated expiration (date not given on the page)

Classifications

    • H ELECTRICITY > H04 ELECTRIC COMMUNICATION TECHNIQUE > H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00 Network architectures or network communication protocols for network security
        • H04L63/0218 Distributed architectures, e.g. distributed firewalls (under H04L63/02 separating internal from external traffic, e.g. firewalls, and H04L63/0209 architectural arrangements, e.g. perimeter networks or demilitarized zones)
        • H04L63/06 Supporting key management in a packet data network
        • H04L63/10 Controlling access to devices or network resources
        • H04L63/1441 Countermeasures against malicious traffic (under H04L63/14 detecting or protecting against malicious traffic)
    • H04L9/00 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; network security protocols
        • H04L9/0819 Key transport or distribution, i.e. key establishment techniques where one party creates or otherwise obtains a secret value and securely transfers it to the other(s) (under H04L9/08 key distribution or management and H04L9/0816 key establishment)
        • H04L9/0833 Key transport or distribution involving a central third party, e.g. key distribution center [KDC] or trusted third party [TTP], involving a conference or group key (under H04L9/083)
        • H04L9/085 Secret sharing or secret splitting, e.g. threshold schemes
        • H04L9/0869 Generation of secret information, including derivation or calculation of cryptographic keys or passwords, involving random numbers or seeds (under H04L9/0861)
        • H04L9/0894 Escrow, recovery or storing of secret information, e.g. secret key escrow or cryptographic key storage
        • H04L9/14 Using a plurality of keys or algorithms
        • H04L9/3026 Public key; underlying computational problems or public-key parameters; details relating to polynomial generation, e.g. generation of irreducible polynomials (under H04L9/30 and H04L9/3006)
        • H04L9/3073 Public key involving algebraic varieties, e.g. elliptic or hyper-elliptic curves, involving pairings, e.g. identity based encryption [IBE], bilinear mappings or bilinear pairings, e.g. Weil or Tate pairing (under H04L9/30 and H04L9/3066)
    • G PHYSICS > G07 CHECKING-DEVICES > G07F COIN-FREED OR LIKE APPARATUS
    • G07F17/00 Coin-freed apparatus for hiring articles; coin-freed facilities or services
        • G07F17/12 Means for safe-keeping of property left temporarily, e.g. by fastening the property, comprising lockable containers, e.g. for accepting clothes to be cleaned (under G07F17/10)

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Computing Systems (AREA)
  • Theoretical Computer Science (AREA)
  • Computer Hardware Design (AREA)
  • General Engineering & Computer Science (AREA)
  • General Physics & Mathematics (AREA)
  • Physics & Mathematics (AREA)
  • Algebra (AREA)
  • Mathematical Analysis (AREA)
  • Mathematical Optimization (AREA)
  • Mathematical Physics (AREA)
  • Pure & Applied Mathematics (AREA)
  • Storage Device Security (AREA)

Abstract

The invention discloses an object sharing system and method. The system comprises a plurality of shared objects and a plurality of data servers. The shared objects are provided by a plurality of object suppliers respectively. The data servers are likewise provided by the object suppliers respectively and are connected to form a distributed data redundancy network, in which a plurality of sub-secret data obtained by dividing shared secret information are stored in a distributed manner. The data server of each object supplier is connected to the shared objects that supplier provides; when it receives a use request from a user device for one of those shared objects, it collects, through the distributed data redundancy network, the sub-secret data required to reconstruct the shared secret information, reconstructs it, and uses it to authenticate the user device's authority over the shared object.

Description

Object sharing system and method
Technical Field
The present invention relates to an object sharing system and method, and more particularly to an object sharing system and method built on a distributed architecture.
Background
With the development of science and technology, networks have become an indispensable channel through which modern people obtain information. As more and more technologies are delivered over networks, however, information security has become one of the most important issues in network applications.
Most current networks employ a centralized management architecture and rely on a central arbiter to determine facts and evaluate the accuracy of recorded data. Under such an architecture the reliability of transactions between vendors is low and interoperability is in doubt; when a dispute arises, the administrator of the centralized architecture cannot verify and clarify the matter on its own, so the security of information exchange is questioned and the cost of establishing trust is high. The result is yet another information island, and the spirit of sharing is hard to realize.
Furthermore, because a centralized management architecture gathers many data into a single point, an attack on that point creates a single point of failure and a risk of data leakage. In addition, since data accuracy is maintained by one party only, tampering with part of the data, or with data from a single point in the past, is difficult to detect without an appropriate confirmation mechanism.
Disclosure of Invention
The invention provides an object sharing system, which comprises a plurality of shared objects and a plurality of data servers. The plurality of shared objects are respectively provided by a plurality of object suppliers; and a plurality of data servers are respectively provided by the object suppliers and connected to form a distributed data redundancy network so as to dispersedly store a plurality of sub-secret data obtained by dividing shared secret information, wherein the data server of each object supplier is connected with the provided shared object, and when receiving a use request of a user device for the provided shared object, the data server collects the sub-secret data required by reconstructing the shared secret information through the distributed data redundancy network so as to reconstruct the shared secret information and authenticate the authority of the user device for the shared object.
The invention also provides an object sharing method suitable for an object sharing system consisting of a plurality of shared objects and a plurality of data servers respectively provided by a plurality of object suppliers, the data servers being connected to form a distributed data redundancy network. The method comprises the following steps: the data servers store, in a distributed manner, a plurality of sub-secret data obtained by dividing shared secret information; one of the shared objects receives a use request sent by a user device; the data server connected to that shared object collects, through the distributed data redundancy network, the amount of sub-secret data required to reconstruct the shared secret information; and the shared object, or the data server connected to it, reconstructs the shared secret information from the collected sub-secret data and uses it to authenticate the right of the user device to the shared object.
Based on the above, the distributed management architecture adopted by the object sharing system and method of the invention avoids the risk of a centralized single-point attack and prevents an intruder from obtaining the shared secret information by compromising a single point.
In order to make the aforementioned and other features and advantages of the invention more comprehensible, embodiments accompanied with figures are described in detail below.
Drawings
Fig. 1 is a block diagram of an object sharing system according to an exemplary embodiment of the present invention.
Fig. 2 is a flowchart of an object sharing method according to an exemplary embodiment of the present invention.
Fig. 3 is a flowchart of a method of dispersedly storing sub-secret data according to an exemplary embodiment of the present invention.
Fig. 4 is a flowchart of a method in which a key management module generates a conference key according to an exemplary embodiment of the present invention.
Fig. 5 is a flowchart of a method in which a key management module deregisters a conference key according to an exemplary embodiment of the present invention.
Fig. 6 is a flowchart of a method of dispersedly storing sub-secret data according to another exemplary embodiment of the present invention.
Fig. 7 is a flowchart of a method of reconstructing shared secret information according to an exemplary embodiment of the present invention.
Fig. 8 is a flowchart of a method of reconstructing shared secret information according to another exemplary embodiment of the present invention.
The reference numbers are as follows:
100: object sharing system
110(1) to 110(n): data servers
120(1) to 120(m): shared objects
130(1), 130(2): user devices
S201 to S207, S301 to S307, S401 to S409, S501 to S509, S601 to S607, S701 to S707, and S801 to S807: steps
Detailed Description
The invention provides an object sharing system and method. The system adopts a distributed network architecture in which each object supplier provides one server, together forming a multi-center distributed network. Through this framework, the publicly queryable data are stored on each of the other servers as well, and the servers synchronize updates and verify data integrity at regular intervals, which reduces the risk of a centralized single-point attack. In addition, the system lets each object supplier authenticate identities and manage access rights on its own without exchanging customer data, which reduces the security concerns between suppliers and thus helps increase the object suppliers' willingness to share data.
Fig. 1 is a block diagram of an object sharing system according to an exemplary embodiment of the present invention. Referring to fig. 1, the object sharing system 100 of the present embodiment includes a plurality of data servers 110(1) to 110(n) and a plurality of shared objects 120(1) to 120(m), where m and n are not particularly limited and may be any integers. In the present embodiment, the shared objects 120(1) to 120(m) may be provided by a plurality of object suppliers (not shown), respectively. The data servers 110(1) to 110(n) may likewise be provided by the object suppliers respectively, and are connected to form a distributed data redundancy network, based for example on blockchain technology. In this embodiment each object supplier provides, for example, three shared objects and one data server, but the embodiment places no particular limit on the number of shared objects and data servers each object supplier may provide. In addition, each object supplier's data server among 110(1) to 110(n) is connected to the shared objects provided by the same supplier (for example, the data server 110(2) is connected to the shared objects 120(1) to 120(3)).
The object supplier may be, for example, the operator of the shared lockers of a smart logistics pickup station or of a shared truck service, and the shared objects 120(1) to 120(m) may be the smart logistics pickup station or the trucks, but the embodiment does not limit the object supplier or the shared objects 120(1) to 120(m) to these. In an embodiment, the object sharing system 100 may further include a key management module (not shown), a secret information distribution module (not shown) and a secret information reconstruction module (not shown) installed on each of the data servers 110(1) to 110(n), which manage the public and private keys of the user devices, of the data servers 110(1) to 110(n) and of the shared objects 120(1) to 120(m), and the secret information shared among them, as described in detail later.
To make the invention easier to understand, the following description takes as an example the user devices 130(1) and 130(2), the shared object 120(1) and the data server 110(2), which participate in the sharing of the shared object 120(1).
Fig. 2 is a flowchart of an object sharing method according to an exemplary embodiment of the present invention. Referring to fig. 1 and fig. 2, the method of the present embodiment is applied to the object sharing system 100 of fig. 1, and the following describes the detailed steps of the object sharing method according to the present embodiment in conjunction with the operational relationship between the devices in the object sharing system 100.
First, in step S201, the data server 110(2) stores, in a distributed manner, a plurality of sub-secret data obtained by dividing the shared secret information. Specifically, the data server 110(2) may divide the shared secret information into a plurality of sub-secret data and store them across the data servers 110(1) to 110(n). The shared secret information is, for example, a key for opening the shared object 120(1) or other authentication information, and is not limited here. How the data server 110(2) splits the shared secret information into multiple sub-secret data is described in detail later.
Next, in step S203, a use request sent by the user device 130(2) is received by one of the shared objects 120(1) to 120(m). In detail, when the user device 130(2) wants to use the shared object 120(1), it sends a use request to the shared object 120(1).
Next, in step S205, the data server 110(2) connected to the shared object 120(1) collects, via the distributed data redundancy network (i.e. the data servers 110(1) to 110(n)), the amount of sub-secret data necessary to reconstruct the shared secret information. The required amount may be any integer preset in the object sharing system 100. In one embodiment, the object sharing system 100 divides the number of participants in the sharing of the shared object 120(1) by two, rounds up, and sets the required amount of sub-secret data to the smallest integer greater than that value (for four participants, three sub-secret data; for five, four).
Finally, in step S207, the shared object 120(1), or the data server 110(2) connected to it, reconstructs the shared secret information from the collected sub-secret data and uses it to authenticate the usage right of the user device 130(2) to the shared object 120(1). In detail, when the shared object 120(1) or the data server 110(2) connected to it successfully reconstructs the shared secret information from the collected sub-secret data, it grants the user device 130(2) its authority over the shared object 120(1).
Taking logistics as an example, the user device 130(1) may be a mobile phone held by the sender of a package, the shared object 120(1) may be a smart locker, the object supplier providing the service of the shared object 120(1) may be a local logistics provider, which provides the data server 110(2) to manage the shared objects 120(1) to 120(3), and the user device 130(2) may be a mobile phone held by the person retrieving the package, who may be the sender or the recipient of the package; there is no particular limitation.
The object sharing system 100 according to the embodiment of the present invention divides the shared secret information into a plurality of sub-secret data through the above steps, and stores the sub-secret data in the data servers 110(1) to 110(n) of the object sharing system 100 in a distributed manner, thereby avoiding the risk of a centralized single-point attack.
Fig. 3 is a flowchart of a method of dispersedly storing sub-secret data according to an exemplary embodiment of the present invention. Referring to fig. 1 and fig. 3, the method of the present embodiment is applied to the key management module and the secret information distribution module in the object sharing system 100 of fig. 1, and the detailed steps of the method for dispersedly storing sub-secret data according to the embodiment of the present invention are described below in conjunction with the operational relationship between the devices in the object sharing system 100.
First, in step S301, the key management module generates at least one first conference key for the shared secret information using a first public-private key pair of the user devices 130(1), 130(2) and a second public-private key pair of the object supplier.
For example, the key management module may generate in advance a public-private key pair for each of the user devices 130(1), 130(2) and a public-private key pair for the object supplier of the shared object 120(1), and from these generate the conference keys SK_{SUPPLY,USER1} and SK_{SUPPLY,USER2} of the object supplier corresponding to the user devices 130(1), 130(2), and the conference key SK_{SUPPLY,OBJ} of the object supplier corresponding to the shared object 120(1).
Next, in step S303, the secret information distribution module randomly generates pseudo secret information corresponding to the shared secret information that the participants in the sharing of the shared object 120(1) have agreed to share.
For example, for the shared secret information Secret shared by the user device 130(1), the user device 130(2), the shared object 120(1) and the data server 110(2), all of which participate in the sharing of the shared object 120(1), the secret information distribution module randomly generates pseudo secret information r corresponding to Secret.
Next, in step S305, the secret information distribution module encrypts the pseudo secret information with the first conference key generated by the key management module and pairs the encryption result with a randomly selected parameter value to construct information implying the shared secret information.
For example, the secret information distribution module may use the previously generated conference keys SK_{SUPPLY,USER1} and SK_{SUPPLY,USER2} of the object supplier corresponding to the user devices 130(1), 130(2), and the conference key SK_{SUPPLY,OBJ} of the object supplier corresponding to the shared object 120(1), to encrypt the pseudo secret information r with, for example, a symmetric-key algorithm, obtaining the encryption results E(SK_{SUPPLY,USER1}, r) and E(SK_{SUPPLY,USER2}, r) corresponding to the user devices 130(1), 130(2) and the encryption result E(SK_{SUPPLY,OBJ}, r) corresponding to the shared object 120(1). The user devices 130(1), 130(2) and the shared object 120(1) may each randomly select a parameter value X_{USER1}, X_{USER2} and X_{OBJ}, which is paired with the corresponding encryption result to produce the pairing results (X_{USER1}, E(SK_{SUPPLY,USER1}, r)) and (X_{USER2}, E(SK_{SUPPLY,USER2}, r)) for the user devices 130(1), 130(2) and the pairing result (X_{OBJ}, E(SK_{SUPPLY,OBJ}, r)) for the shared object 120(1); these are sent to the data server 110(2). The parameter values X_{USER1}, X_{USER2} and X_{OBJ} may be any integers. The secret information distribution module may then construct the information implying the shared secret information from the pairing results corresponding to the user devices 130(1), 130(2) and the shared object 120(1). In an embodiment, this information may be a polynomial whose degree is, for example, the number of participants in the sharing of the shared object 120(1) plus one.
Finally, in step S307, the secret information distribution module divides the pseudo secret information and that information into sub-secret data, which are distributed and stored across the data servers 110(1) to 110(n).
For example, in the logistics industry, the data server 110(2) provided by the local logistics provider (i.e. the object supplier) can confirm all participants in advance. If the participants are the sender's mobile phone, the retriever's mobile phone, the smart locker and the data server provided by the local logistics provider (i.e. the user devices 130(1), 130(2), the shared object 120(1) and the data server 110(2)), the data server 110(2) provides a conference key for each of them, generates the sub-secret data using the conference keys, and stores the sub-secret data in a distributed manner across the data servers 110(1) to 110(n) of the object sharing system 100.
The retriever requests, through the mobile phone held (i.e. the user device 130(2)), that the smart locker (i.e. the shared object 120(1)) open, and the phone generates a conference key with its private key to authenticate with the data server 110(2) provided by the local logistics provider (i.e. the object supplier). Once authentication is complete, the retriever can open the smart locker with the mobile phone.
Through the above steps, the object sharing system 100 of the embodiment of the present invention uses the randomly generated pseudo secret information to prevent an attacker from recovering the shared secret information. Even an attacker who succeeds in decrypting with a conference key obtains at most the pseudo secret information, not the shared secret information.
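The division and threshold reconstruction of steps S201 to S207 and S301 to S307, as an added worked example in Python that is not part of the patent. The page does not specify how the polynomial built from the pairs (X, E(SK, r)) encodes the shared secret, so this example substitutes standard Shamir secret sharing over a prime field for the "information implying the shared secret" and leaves out the pseudo-secret layer; the data server keeps only a hash commitment to the secret (an assumption made here, since the page does not say how a shared object validates what it reconstructs), and the shared object grants a use request only when the sub-secret data it collects reconstruct a value matching that commitment. The threshold follows the rule in the description (participants divided by two, rounded up, then the next larger integer). All names, the constructed inputs and the commitment check are this example's, not the patent's.

```python
# Added example, not code from the patent: threshold splitting of a shared
# secret into sub-secret data (Shamir's scheme over GF(p)) and reconstruction
# by a shared object before it grants a use request.
import hashlib
import secrets

PRIME = 2**127 - 1  # field modulus; the secret must be smaller than this


def required_count(participants: int) -> int:
    """Threshold from the description: participants divided by 2, rounded up,
    then the smallest integer greater than that value (a strict majority).
    This reading of the rule is an assumption of the example."""
    rounded_up = -(-participants // 2)  # ceiling division
    return rounded_up + 1


def _eval_poly(coeffs, x: int) -> int:
    """Evaluate a polynomial (coefficients, lowest degree first) at x mod PRIME."""
    acc = 0
    for c in reversed(coeffs):
        acc = (acc * x + c) % PRIME
    return acc


def split_secret(secret: int, n: int, t: int):
    """Split `secret` into n sub-secret data; any t of them reconstruct it."""
    if not 0 <= secret < PRIME:
        raise ValueError("secret must be an integer in [0, PRIME)")
    if not 1 <= t <= n:
        raise ValueError("threshold must satisfy 1 <= t <= n")
    # constant term is the secret; the other t-1 coefficients are random
    coeffs = [secret] + [secrets.randbelow(PRIME) for _ in range(t - 1)]
    return [(x, _eval_poly(coeffs, x)) for x in range(1, n + 1)]


def reconstruct_secret(shares) -> int:
    """Lagrange interpolation at x = 0. With fewer than t shares this returns
    a wrong value without any error, which is why the caller must verify it."""
    total = 0
    for i, (xi, yi) in enumerate(shares):
        num, den = 1, 1
        for j, (xj, _) in enumerate(shares):
            if i != j:
                num = num * (-xj) % PRIME
                den = den * (xi - xj) % PRIME
        total = (total + yi * num * pow(den, -1, PRIME)) % PRIME
    return total


def _commitment(value: int) -> str:
    return hashlib.sha256(value.to_bytes(16, "big")).hexdigest()


def distribute(secret: int, n_servers: int, participants: int):
    """Data server side (steps S201 / S307): split the shared secret across the
    n_servers data servers and keep only a hash commitment locally (the
    commitment is this example's assumption, not something the page describes)."""
    t = required_count(participants)
    return split_secret(secret, n_servers, t), _commitment(secret), t


def authorize(collected_shares, commitment: str) -> bool:
    """Shared object side (steps S205 / S207): reconstruct from the collected
    sub-secret data and grant the use request only on a matching commitment."""
    return _commitment(reconstruct_secret(collected_shares)) == commitment


if __name__ == "__main__":
    # constructed input: a random 16-byte locker key, 6 data servers, 4 participants
    locker_key = int.from_bytes(secrets.token_bytes(16), "big") % PRIME
    shares, commitment, t = distribute(locker_key, 6, 4)
    print("threshold:", t)                                 # 3
    print("3 shares:", authorize(shares[:3], commitment))  # True
    print("2 shares:", authorize(shares[:2], commitment))  # False
```

With four participants the threshold is three, so any three of the six servers' sub-secret data reconstruct the key, while two of them interpolate to an essentially random field element and the commitment check fails. The check matters because Lagrange interpolation itself never signals that it was given too few points; a shared object that skips it would open on garbage.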
Further, fig. 4 is a flowchart of a method for generating a conference key by a key management module according to an exemplary embodiment of the present invention. Referring to fig. 1 and fig. 4, in step S401, the key management module generates a first public key and a first private key of a first public-private key pair by using a first seed parameter provided by each of the user devices 130(1), 130(2), and generates a second public key and a second private key of a second public-private key pair by using a second seed parameter provided by the object vendor.
For example, the key management module generates the public key PU of the user device 130(1) by using the seed parameter provided by the user device 130(1)USER1And private key PRUSER1The public key PU of the user device 130(2) is generated by using the seed parameter provided by the user device 130(2)USER2And private key PRUSER2And generating public key PU by using seed parameter provided by object supplierSUPPLYAnd private key PRSUPPLY
Next, in step S403, the key management module generates a second conference key using the first private key and the second public key as parameters.
For example, the key management module may depend on the private key PR of the user device 130(1)USER1Public key PU with object supplierSUPPLYGenerating the user device 130(1) the conference key SK corresponding to the object supplierUSER1,SUPPLYAnd according to the private key PR of the user device 130(2)USER2With object suppliersPublic key PUSUPPLYGenerating the user device 130(2) corresponding to the conference key SK of the object supplierUSER2,SUPPLY
Next, in step S405, the key management module generates a third public key and a third private key of the shared object 120(1) by using the second public key and the second private key and the unique identifier value representing the shared object as parameters. In an embodiment, the unique identification value representing the shared Object may be an internet protocol Address (IP Address) of the shared Object or an Object Address (Object Address) on the blockchain network, and is not particularly limited.
For example, the key management module can depend on the public key PU of the object supplierSUPPLYAnd private key PRSUPPLYAnd generating the public key PU of the shared object 120(1) by representing the unique identification value of the shared object 120(1)OBJAnd private key PROBJ
Next, in step S407, the key management module generates a third conference key using the third private key and the second public key as parameters.
For example, the key management module may generate the conference key SK_{OBJ,SUPPLY} of the shared object 120(1) corresponding to the object supplier from the private key PR_{OBJ} of the shared object 120(1) and the public key PU_{SUPPLY} of the object supplier.
Finally, in step S409, the key management module generates a first conference key of the shared secret information using the second private key, the third public key and the first public key as parameters.
For example, the key management module may generate, from the private key PR_{SUPPLY} of the object vendor together with the public key PU_{OBJ} of the shared object and the public keys PU_{USER1} and PU_{USER2} of the user devices 130(1), 130(2), the conference key SK_{SUPPLY,USER1} of the object supplier corresponding to the user device 130(1), the conference key SK_{SUPPLY,USER2} of the object supplier corresponding to the user device 130(2), and the conference key SK_{SUPPLY,OBJ} of the object supplier corresponding to the shared object 120(1).
In one embodiment, the key management module may use Elliptic-curve cryptography (ECC) to generate a public-private key pair from the seed parameters. For example, the seed parameter can be expressed as (CURVE, G, N), where CURVE is an elliptic curve given by the equation y^2 = x^3 + ax + b over a finite field, a and b being the curve coefficients; G is the base point used for all point multiplication operations; and N is the order of the base point G, a very large prime number, whose geometric meaning is that N·G = O, the point at infinity (the point multiplication N·G yields no affine point on the curve). Any positive integer k with 1 ≤ k ≤ N-1 may be multiplied with G, and the product k·G is a point on the elliptic curve. Based on the above, the key management module can select a positive integer in the range [1, N-1] as the private key and set the product of the private key and the base point G as the public key. Further, if all the participants sharing the shared object 120(1) use the same seed parameter (the same curve, base point and order), the key management module may apply the commutative and associative rules of point multiplication so that the conference key computed by one party equals the conference key computed by its counterpart, i.e. the first, second and third conference keys agree pairwise. For example, with the first private key PR_1 and the second public key PU_2 as parameters a first conference key SK_1 is generated, and with the second private key PR_2 and the first public key PU_1 as parameters a second conference key SK_2 is generated; the result is SK_1 = PR_1 × PU_2 = PR_1 × (PR_2 × G) = PR_2 × (PR_1 × G) = PR_2 × PU_1 = SK_2, i.e. both parties obtain the same conference key SK.
For example, the conference key of the user device 130(1) corresponding to the object provider is the product of the private key of the user device 130(1) and the public key of the object provider, and the conference key of the object provider corresponding to the user device 130(1) is the product of the private key of the object provider and the public key of the user device 130(1); the same holds for the user device 130(2), and the conference key of the object provider corresponding to the shared object 120(1) is the product of the private key of the object provider and the public key of the shared object 120(1). Since the key management module uses ECC point multiplication as described above, the two keys of each such pair are the same conference key: the user device 130(1) and the object provider share one conference key, the user device 130(2) and the object provider share another, and the shared object 120(1) and the object provider share a third. Each of these conference keys can only be computed by a party holding one of the two private keys involved.
Through the above steps, the object sharing system 100 of the embodiment of the present invention distributes a conference key to each of the participants sharing the shared object 120(1), so that an attacker cannot obtain the conference key and, with it, the rights to the shared object 120(1).
Fig. 5 is a flowchart of a method in which the key management module deregisters a conference key according to an exemplary embodiment of the present invention. Referring to fig. 1 and fig. 5, first, in step S501, the key management module receives a deregistration request from the user device 130(1), 130(2) or the shared object 120(1) for the second conference key and the third conference key. In detail, when the conference key of the user device 130(1) corresponding to the object provider, the conference key of the user device 130(2) corresponding to the object provider, or the conference key of the shared object 120(1) corresponding to the object provider is to be deregistered, the user device 130(1), 130(2) or the shared object 120(1) transmits a deregistration request to the key management module.
Next, in step S503, the key management module recovers the first public-private key pair using the first seed parameter provided by the user device 130 and recovers the second public-private key pair using the second seed parameter provided by the object vendor. In detail, the user devices 130(1), 130(2) and the object provider respectively transmit the first seed parameter of the user device 130(1), the first seed parameter of the user device 130(2) and the second seed parameter to the key management module, and the key management module restores the public-private key pair of the user devices 130(1), 130(2) according to the first seed parameter of the user device 130(1) and the first seed parameter of the user device 130(2), and restores the public-private key pair of the object provider according to the second seed parameter.
Next, in step S505, the key management module uses the first private key and the second public key as parameters to recover the second conference key, and cancels the second conference key. In detail, when the key management module successfully recovers the conference key of the user device 130(1) corresponding to the object provider from the private key of the user device 130(1) and the public key of the object provider, and successfully recovers the conference key of the user device 130(2) corresponding to the object provider from the private key of the user device 130(2) and the public key of the object provider, the key management module cancels both of these conference keys.
Next, in step S507, the key management module recovers a third public key and a third private key of the shared object by using the second public key and the second private key and the unique identifier representing the shared object as parameters. In detail, the key management module recovers the public key and the private key of the shared object according to the public key of the object vendor and the private key of the object vendor and the unique identifier representing the shared object 120 (1).
Finally, in step S509, the key management module regenerates the third conference key using the third private key and the second public key as parameters, and cancels the third conference key. In detail, when the key management module successfully recovers the conference key of the shared object 120(1) corresponding to the object provider from the private key of the shared object 120(1) and the public key of the object provider, the key management module cancels that conference key.
Through the above steps, the object sharing system 100 of the embodiment of the present invention deregisters the conference key once the shared secret information has been reconstructed (i.e., once the key has been used). Since each conference key generated by the object sharing system 100 is a one-time key that is cancelled immediately after use, an attacker cannot recover it by repeated trials.
Fig. 6 is a flowchart of a method of dispersedly storing sub-secret data according to another exemplary embodiment of the present invention. Referring to fig. 1 and fig. 6, in step S601, the user devices 130(1), 130(2) and the shared object 120(1) each randomly select a parameter value, pair that value with the result of encrypting the pseudo secret information under their respective first conference keys, and transmit the pairing result to the data server 110(2).
In detail, for example, as shown in fig. 3, after the secret information distribution module encrypts the pseudo secret information r with the conference keys SK_{SUPPLY,USER1} and SK_{SUPPLY,USER2} of the object supplier corresponding to the user devices 130(1), 130(2) and with the conference key SK_{SUPPLY,OBJ} of the object supplier corresponding to the shared object 120(1), the user devices 130(1), 130(2) and the shared object 120(1) respectively select random parameter values X_{USER1}, X_{USER2} and X_{OBJ} and pair them with the corresponding encryption results, generating the pairing results (X_{USER1}, E(SK_{SUPPLY,USER1}, r)) and (X_{USER2}, E(SK_{SUPPLY,USER2}, r)) for the user devices 130(1), 130(2) and the pairing result (X_{OBJ}, E(SK_{SUPPLY,OBJ}, r)) for the shared object 120(1), which are transmitted to the data server 110(2). In an embodiment, the secret information distribution module encrypts the pseudo secret information r under the conference key with a symmetric-key algorithm, for example; the algorithm is not particularly limited.
Next, in step S603, the implicit value used to reconstruct the shared secret information may be numerically paired with the shared secret information by the data server 110 (2).
For example, the data server 110(2) may select an implicit value (e.g., 0) and numerically pair it with the shared secret information Secret to generate the pairing result corresponding to the shared secret information, e.g., (0, Secret).
Next, in step S605, the data server 110(2) performs Lagrange polynomial interpolation on this pairing result together with the pairing results received from the user devices 130(1), 130(2) and the shared object 120(1) to construct a polynomial implying the shared secret information.
For example, the data server 110(2) can apply Lagrange interpolation to the pairing results (X_{USER1}, E(SK_{SUPPLY,USER1}, r)) and (X_{USER2}, E(SK_{SUPPLY,USER2}, r)) corresponding to the user devices 130(1), 130(2), the pairing result (X_{OBJ}, E(SK_{SUPPLY,OBJ}, r)) corresponding to the shared object 120(1), and the pairing result (0, Secret) corresponding to the shared secret information, to generate a polynomial that implicitly contains the shared secret information, where the order of the polynomial is one plus the number of participants sharing the shared object 120(1). In one embodiment, the polynomial implying the shared secret information may be:
f(x) = A·x^4 + B·x^3 + C·x^2 + D·x + secret ……………… (1)
where A, B, C and D are coefficients and secret is the shared secret information.
Finally, in step S607, the data server 110(2) calculates a plurality of function values of the polynomial as the information implying the shared secret information. In detail, the data server 110(2) substitutes a plurality of values into the polynomial to obtain a plurality of function values, and broadcasts the pseudo secret information and the function values to the distributed data redundancy network formed by the plurality of data servers 110(1) to 110(n).
In an embodiment, the secret information distribution module may further calculate a plurality of hash values of the encryption results of the pseudo secret information with a one-way hash algorithm, so that the calculated hash values are dispersedly stored in the data servers 110(1) to 110(n) as sub-secret data together with the pseudo secret information and the function values. In this embodiment, because the one-way hash algorithm is collision resistant (each encryption result maps to a practically unique hash value) and cannot be inverted, an encryption result later presented by a participant can be checked against the stored hash value; this addresses the inability of the original secret sharing algorithm to verify the identity of a participant, and avoids collusion attacks.
Through the above steps, the object sharing system 100 according to the embodiment of the present invention can hide the shared secret information in the polynomial, and dispersedly store a plurality of function values of the polynomial as sub-secret data for reconstructing the shared secret information in the data servers 110(1) to 110 (n). Therefore, when the object sharing system 100 receives a request for using the shared object from the user apparatus to reconstruct the shared secret information, the polynomial may be reconstructed by obtaining a certain amount of the sub-secret data, and an implicit value for reconstructing the shared secret information may be substituted into the polynomial, so that the shared secret information may be finally obtained.
In detail, fig. 7 is a flowchart of a method of reconstructing shared secret information according to an exemplary embodiment of the present invention. Referring to fig. 1 and fig. 7, the present embodiment is applicable to the case where the secret information reconstruction module is installed in the data server 110 (2).
First, in step S701, the user device 130(2) and the shared object 120(1) compute the second conference key and the third conference key using their own first private key and third private key as parameters, encrypt the pseudo secret information under these keys to generate encryption results, and transmit the encryption results to the data server 110(2). In detail, when the secret information reconstruction module of the data server 110(2) receives a usage request from the user device 130(2) for the shared object 120(1) it provides, the secret information reconstruction module collects, through the distributed data redundancy network, the sub-secret data required to reconstruct the shared secret information. At this time, the user device 130(2) and the shared object 120(1) respectively compute the conference key of the user device 130(2) corresponding to the object supplier and the conference key of the shared object 120(1) corresponding to the object supplier from the private keys they each hold, obtain the pseudo secret information from the sub-secret data posted in the data servers 110(1) to 110(n), and encrypt the pseudo secret information under their respective conference keys, generating the encryption result of the user device 130(2) corresponding to the object supplier and the encryption result of the shared object 120(1) corresponding to the object supplier.
Next, in step S703, the data server 110(2) determines whether each received encryption result equals the encryption result obtained previously, in order to decide whether to accept it. In detail, if the data server 110(2) determines that the encryption result of the user device 130(2) corresponding to the object provider equals the previously stored encryption result of the object provider corresponding to the user device 130(2), and that the encryption result of the shared object 120(1) corresponding to the object provider equals the previously stored encryption result of the object provider corresponding to the shared object 120(1), the data server 110(2) accepts the encryption results and continues to check and collect other encryption results.
Next, in step S705, when the data server 110(2) has received the number of encryption results required to reconstruct the shared secret information, it pairs each encryption result with the parameter value previously selected for that participant and reconstructs the polynomial implying the shared secret information. In detail, if the predetermined required number is 2 and the data server 110(2) has accepted the encryption result of the user device 130(2) corresponding to the object provider and the encryption result of the shared object 120(1) corresponding to the object provider, the data server 110(2) pairs these two encryption results with the parameter values previously selected by the user device 130(2) and the shared object 120(1) respectively, and reconstructs the polynomial implying the shared secret information by Lagrange interpolation.
Finally, in step S707, the data server 110(2) substitutes the implicit value into the polynomial to reconstruct the shared secret information, and grants the user device the usage right for the shared object 120(1). Specifically, if the implicit value is 0, substituting it into expression (1) yields f(0) = secret, the shared secret information. When the data server 110(2) obtains the correct shared secret information, the user device is granted the right to the shared object 120(1).
Through the above steps, the object sharing system 100 according to the embodiment of the present invention can reconstruct the shared secret information using only a subset of the sub-secret data, and use it to authenticate the authority of the user device 130(2) over the shared object 120(1). The object sharing system 100 therefore authenticates the rights of the user device 130(2) to the shared object 120(1) without acquiring all of the sub-secret data, which makes rights authentication more efficient.
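The distribution procedure of fig. 6 (S601 to S607) and the reconstruction procedure of fig. 7 (S701 to S707), as one added worked example in Python that is not part of the patent or of ITRI's implementation; fig. 8 runs the same reconstruction logic on the shared object instead of the data server. Arithmetic is carried out over the prime field GF(2^127 - 1) so that Lagrange interpolation is exact; E(SK, r) is replaced by HMAC-SHA256, a keyed pseudo-random function standing in for the symmetric cipher the patent leaves unspecified; and the conference keys are constructed byte strings rather than ECC products. Two points the text does not spell out are handled explicitly: k pairing results determine a polynomial of degree at most k-1, so with three participants and the pair (0, Secret) any four points on the curve recover f and therefore f(0), which means the number of function values posted to the data servers must stay below that threshold, and the values substituted into the polynomial must never include the implicit value 0, since f(0) is the secret itself.

```python
"""Toy secret information distribution (fig. 6) and reconstruction (fig. 7).
Added example; not the patent's implementation.  Arithmetic is over GF(PRIME);
E(SK, r) is HMAC-SHA256, a keyed PRF standing in for the unspecified symmetric
cipher; conference keys are constructed byte strings rather than ECC products."""
import hashlib
import hmac
import secrets

PRIME = 2**127 - 1          # Mersenne prime; every X and Y value is in GF(PRIME)
IMPLICIT_X = 0              # the implicit value paired with the shared secret


def encrypt_pseudo_secret(conference_key: bytes, r: bytes) -> int:
    """E(SK, r) reduced to a field element so it can serve as a Y value."""
    tag = hmac.new(conference_key, r, hashlib.sha256).digest()
    return int.from_bytes(tag, "big") % PRIME


def lagrange_at(points, x):
    """Value at x of the unique polynomial of degree < len(points) through points."""
    total = 0
    for i, (xi, yi) in enumerate(points):
        num = den = 1
        for j, (xj, _) in enumerate(points):
            if i != j:
                num = num * (x - xj) % PRIME
                den = den * (xi - xj) % PRIME
        total = (total + yi * num * pow(den, -1, PRIME)) % PRIME
    return total


def _hash_result(y: int) -> bytes:
    """One-way hash of an encryption result, stored for the check in S703."""
    return hashlib.sha256(y.to_bytes(16, "big")).digest()


def distribute(secret: int, conference_keys: dict, stored_share_count: int):
    """Steps S601-S607 on the data server.  Each participant contributes
    (X_i, E(SK_i, r)); the server adds (0, secret), interpolates f, and posts r,
    the hashes of the encryption results and stored_share_count function values.
    Returns (posted sub-secret data, the X values the server keeps)."""
    if not 0 <= secret < PRIME:
        raise ValueError("secret must be a field element")
    r = secrets.token_bytes(16)                        # pseudo secret information
    x_values, points, hashes = {}, [(IMPLICIT_X, secret)], {}
    for name, sk in conference_keys.items():
        y = encrypt_pseudo_secret(sk, r)
        # Random non-zero X, chosen above the range used for stored shares.
        x = secrets.randbelow(PRIME - 1 - stored_share_count) + stored_share_count + 1
        x_values[name], hashes[name] = x, _hash_result(y)
        points.append((x, y))
    threshold = len(points)                            # points needed to recover f
    if stored_share_count >= threshold:
        raise ValueError("stored shares alone would reconstruct the secret")
    if len({x for x, _ in points}) != threshold:
        raise ValueError("X values must be distinct")
    # Function values at 1..stored_share_count: never at the implicit value 0.
    shares = {j: lagrange_at(points, j) for j in range(1, stored_share_count + 1)}
    posted = {"r": r, "hashes": hashes, "shares": shares, "threshold": threshold}
    return posted, x_values


def reconstruct(posted: dict, x_values: dict, presented: dict):
    """Steps S701-S707.  presented maps participant -> E(SK, r) recomputed by that
    participant.  A result is admitted only if it hashes to the stored value
    (S703); admitted points plus stored shares must reach the threshold (S705);
    f(0) is the shared secret (S707).  Returns None when the threshold is not met."""
    points = []
    for name, y in presented.items():
        if name not in posted["hashes"] or not 0 <= y < PRIME:
            continue
        if hmac.compare_digest(_hash_result(y), posted["hashes"][name]):
            points.append((x_values[name], y))
    points += list(posted["shares"].items())
    if len(points) < posted["threshold"]:
        return None
    return lagrange_at(points[:posted["threshold"]], IMPLICIT_X)


if __name__ == "__main__":
    # Constructed conference keys for USER1, USER2 and the shared object.
    keys = {"USER1": b"\x01" * 32, "USER2": b"\x02" * 32, "OBJ": b"\x03" * 32}
    posted, xs = distribute(123456789, keys, stored_share_count=2)
    fresh = {n: encrypt_pseudo_secret(keys[n], posted["r"]) for n in ("USER2", "OBJ")}
    print("recovered:", reconstruct(posted, xs, fresh))
```

In the demonstration the threshold is four points (three participants plus (0, Secret)) and two function values are posted, so a request succeeds only when two participants present encryption results that match the stored hashes, which is the "predetermined required number is 2" case of step S705; a participant presenting a result computed under the wrong conference key is simply not counted, and the function returns None rather than a wrong secret.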
Taking logistics as an example, the person picking up a parcel requests, through the mobile phone they hold (i.e., the user device 130(2)), that the smart locker (i.e., the shared object 120(1)) be opened; the phone generates the conference key with its private key and authenticates with the data server 110(2) provided by the local logistics provider (i.e., the object supplier). Once authentication has completed, the person picking up the parcel can open the smart locker with the phone.
Fig. 8 is a flowchart of a method of reconstructing shared secret information according to another exemplary embodiment of the present invention. The present embodiment is applicable to the case where the secret information reconstruction module is installed in the shared object 120 (1).
Referring to fig. 1 and fig. 8, first, in step S801, the user device 130(2) and the shared object 120(1) compute the second conference key and the third conference key using the first private key and the third private key respectively as parameters, and encrypt the pseudo secret information to generate encryption results, wherein the user device 130(2) transmits its encryption result to the shared object 120(1).
Next, in step S803, the shared object 120(1) determines whether the received encryption result equals the encryption result obtained previously, in order to decide whether to accept it. If they are equal, the shared object 120(1) accepts the encryption result and continues to collect other encryption results.
Next, in step S805, when the shared object 120(1) has received the number of encryption results required to reconstruct the shared secret information, it pairs the encryption results with the previously selected parameter values to reconstruct the polynomial implying the shared secret information.
Finally, in step S807, the shared object 120(1) substitutes the implicit value into the polynomial to reconstruct the shared secret information, and the user device is granted the usage right for the shared object.
The difference between fig. 8 and fig. 7 is that in fig. 7 the steps of reconstructing the shared secret information are performed by the data server 110(2), whereas in fig. 8 they are performed by the shared object 120(1). Otherwise, the steps in fig. 8 are the same as those in fig. 7, and the above description of fig. 7 applies.
In summary, the distributed management architecture adopted by the object sharing system and method of the present invention avoids the risk of a centralized single point of attack and prevents an intruder from obtaining the shared secret information. In addition, the object sharing system and method of the present invention cancel each conference key once it has been used, so that the conference key cannot be obtained by repeated trials. Moreover, the object sharing system and method of the present invention use a one-way hash algorithm to verify participants and thereby avoid collusion attacks.
Although the present invention has been described with reference to the above embodiments, it should be understood that various changes and modifications can be made therein by those skilled in the art without departing from the spirit and scope of the invention.

Claims (20)

1. An object sharing system, comprising:
a plurality of shared objects provided by a plurality of object suppliers, respectively; and
a plurality of data servers respectively provided by the object suppliers and connected to form a distributed data redundancy network to dispersedly store a plurality of sub-secret data divided by a shared secret information, wherein
The data server of each object supplier is connected to the shared object provided by that object supplier, and when it receives a usage request from a user device for the shared object it provides, the data server collects, through the distributed data redundancy network, the sub-secret data required to reconstruct the shared secret information, reconstructs the shared secret information, and uses it to authenticate the authority of the user device over the shared object.
2. The object sharing system of claim 1, wherein each of the data servers comprises:
a key management module that generates at least a first conference key of the shared secret information using a first public-private key pair of the user device and a second public-private key pair of the object vendor; and
a secret information distribution module that randomly generates corresponding pseudo secret information for the shared secret information agreed among a plurality of participants sharing the shared object, encrypts the pseudo secret information with the first conference key and pairs the encryption result with a randomly selected parameter value to construct information implying the shared secret information, and divides the pseudo secret information and the information into the sub-secret data to be dispersedly stored in the plurality of data servers.
3. The object sharing system according to claim 2, wherein the secret information distribution module further calculates a plurality of hash values of the encryption result of the pseudo secret information by a one-way hash algorithm, and divides the hash values together with the pseudo secret information and the information into the sub-secret data to be dispersedly stored in the plurality of data servers.
4. The object sharing system of claim 2, wherein the key management module comprises:
generating a first public key and a first private key of the first public-private key pair using a first seed parameter provided by the user device, and generating a second public key and a second private key of the second public-private key pair using a second seed parameter provided by the object vendor;
generating a second conference secret key by taking the first private key and the second public key as parameters;
generating a third public key and a third private key of the shared object by taking the second public key, the second private key and a unique identification value representing the shared object as parameters;
generating a third conference secret key by taking the third private key and the second public key as parameters; and
and generating the first conference key of the shared secret information by using the second private key, the third public key and the first public key as parameters.
5. The object sharing system of claim 4, wherein the key management module further comprises:
receiving a logout request of the user device or the shared object for the second conference key and the third conference key;
recovering the first public-private key pair utilizing the first seed parameter provided by the user device and recovering the second public-private key pair utilizing the second seed parameter provided by the object vendor;
recovering the second conference secret key by taking the first private key and the second public key as parameters, and canceling the second conference secret key;
recovering the third public key and the third private key of the shared object by taking the second public key and the second private key and the unique identifier representing the shared object as parameters; and
generating the third conference key by taking the third private key and the second public key as parameters, and canceling the third conference key.
6. The object sharing system of claim 4, wherein
The user device and the shared object respectively randomly select the parameter value, carry out numerical value pairing on the encryption result by using the first conference secret key of each user device and transmit the pairing result to the data server; and
the secret information distribution module performs a numerical pairing of an implied value used to reconstruct the shared secret information and the shared secret information, performs a Lagrange interpolation operation of a pairing result and the pairing result received from the user device and the shared object to construct the polynomial that implies the shared secret information, and calculates a plurality of function values of the polynomial as the information that implies the shared secret information.
7. The object sharing system of claim 6, wherein the data server further comprises:
a secret information reconstruction module that receives the usage request of the user device for the provided shared object to collect the sub-secret data of an amount necessary for reconstructing the shared secret information through the distributed data redundancy network, wherein
The user device and the shared object respectively use the first private key and the third private key as parameters, calculate the second conference key and the third conference key, encrypt the pseudo secret information to generate an encryption result, and transmit the encryption result to the data server; and
the secret information reconstruction module determines whether a received encryption result equals the previously obtained encryption result in order to decide whether to accept it, and, when the encryption results required to reconstruct the shared secret information have been received, pairs the encryption results with the previously selected parameter values to reconstruct the polynomial implying the shared secret information, and substitutes the implied value into the polynomial to reconstruct the shared secret information, thereby granting the user device the right to the shared object.
8. The object sharing system of claim 6, wherein the shared object further comprises:
a secret information reconstruction module that receives the usage request of the user device for the provided shared object to collect the sub-secret data of an amount necessary for reconstructing the shared secret information through the distributed data redundancy network by the data server, wherein
The user device and the shared object each calculate the second conference key and the third conference key using the first private key and the third private key as parameters, encrypt the pseudo secret information to generate an encryption result, and provide the encryption result to the secret information reconstruction module; and
the secret information reconstruction module determines whether a received encryption result equals the previously obtained encryption result in order to decide whether to accept it, and, when the encryption results required to reconstruct the shared secret information have been received, pairs the encryption results with the previously selected parameter values to reconstruct the polynomial implying the shared secret information, and substitutes the implied value into the polynomial to reconstruct the shared secret information, thereby granting the user device the right to the shared object.
9. The object sharing system of claim 2, wherein the secret information distribution module encrypts the pseudo secret information with a symmetric encryption algorithm using the first conference key.
10. The object sharing system of claim 2, wherein the data server collects n +1 sub-secret data over the distributed data redundancy network to reconstruct the shared secret information when the shared secret information is partitioned into n sub-secret data, where n is an integer greater than 2.
11. An object sharing method is suitable for an object sharing system consisting of a plurality of shared objects and a plurality of data servers respectively provided by a plurality of object suppliers, wherein each data server is connected to form a distributed data redundancy network, and the method comprises the following steps:
dispersedly storing a plurality of sub-secret data obtained by dividing shared secret information by the data server;
receiving, by one of the shared objects, a usage request sent by a user device;
collecting, by the data server connected to the shared object, the sub-secret data in an amount required to reconstruct the shared secret information through the distributed data redundancy network; and
reconstructing, by the shared object or the data server connected to the shared object, the shared secret information using the collected sub-secret data and used to authenticate the user device's rights to the shared object.
12. The method of claim 11, wherein the step of dispersedly storing, by the data servers, a plurality of sub-secret data divided from the shared secret information comprises:
generating at least a first conference key of the shared secret information using a first public-private key pair of the user device and a second public-private key pair of the object vendor;
randomly generating corresponding pseudo-secret information for the shared secret information shared by a plurality of participant protocols participating in the sharing of the shared object;
encrypting the pseudo secret information by using the first conference key and pairing an encryption result with a randomly selected parameter value to construct information implying the shared secret information; and
the pseudo secret information and the information are divided into the sub secret data to be dispersedly stored in the plurality of data servers.
13. The method of claim 12, wherein the step of dispersedly storing, by the data servers, a plurality of sub-secret data divided from the shared secret information further comprises:
calculating, by a one-way hash algorithm, a plurality of hash values of the encryption result of the pseudo-secret information, and dividing the hash values, the pseudo-secret information and the information into the sub-secret data to be dispersedly stored in the plurality of data servers.
14. The method of claim 12, wherein generating the at least one first conference key of the shared secret information utilizing the first public-private key pair of the user device and the second public-private key pair of the object vendor comprises:
generating a first public key and a first private key of the first public-private key pair using a first seed parameter provided by the user device, and generating a second public key and a second private key of the second public-private key pair using a second seed parameter provided by the object vendor;
generating a second conference key by taking the first private key and the second public key as parameters;
generating a third public key and a third private key of the shared object by taking the second public key, the second private key and a unique identification value representing the shared object as parameters;
generating a third conference key by taking the third private key and the second public key as parameters; and
generating the first conference key of the shared secret information by taking the second private key, the third public key and the first public key as parameters.
15. The method of claim 14, further comprising:
receiving a logout request of the user device or the shared object for the second conference key and the third conference key;
recovering the first public-private key pair utilizing the first seed parameter provided by the user device and recovering the second public-private key pair utilizing the second seed parameter provided by the object vendor;
recovering the second conference key by taking the first private key and the second public key as parameters, and canceling the second conference key;
recovering the third public key and the third private key of the shared object by taking the second public key, the second private key and the unique identification value representing the shared object as parameters; and
recovering the third conference key by taking the third private key and the second public key as parameters, and canceling the third conference key.
16. The method of claim 14, wherein the step of decentralized storage by the data server of a plurality of sub-secret data partitioned from the shared secret information further comprises:
randomly selecting the parameter value by each of the user device and the shared object, performing numerical pairing on the encryption result by using the first conference key of each of the user device and the shared object, and transmitting the pairing result to the data server;
numerically pairing, by the data server, an implied value used to reconstruct the shared secret information with the shared secret information;
performing, by the data server, a Lagrange interpolation operation on its own pairing result and the pairing results received from the user device and the shared object to construct a polynomial that implies the shared secret information; and
calculating, by the data server, a plurality of function values of the polynomial as the information implying the shared secret information.
17. The method of claim 16, wherein the step of reconstructing, by the shared object or the data server connected to the shared object, the shared secret information using the collected sub-secret data comprises:
the user device and the shared object respectively use the first private key and the third private key as parameters to calculate the second conference key and the third conference key, encrypt the pseudo-secret information to generate an encryption result, and transmit the encryption result to the data server;
the data server judges whether the received encryption result is equal to the encryption result obtained previously, so as to decide whether to accept the encryption result;
when the data server has received the number of encryption results required to reconstruct the shared secret information, it numerically pairs the encryption results with the previously selected parameter values so as to reconstruct the polynomial implying the shared secret information; and
the data server substitutes the implied value into the polynomial to reconstruct the shared secret information and grants the user device the rights to the shared object.
18. The method of claim 16, wherein the step of reconstructing, by the shared object or the data server connected to the shared object, the shared secret information using the collected sub-secret data comprises:
the user device and the shared object respectively use the first private key and the third private key as parameters to calculate the second conference key and the third conference key, and encrypt the pseudo-secret information to generate an encryption result, wherein the user device transmits its encryption result to the shared object;
the shared object judges whether the received encryption result is equal to the encryption result obtained previously, so as to decide whether to accept the encryption result;
when the shared object has received the number of encryption results required to reconstruct the shared secret information, it numerically pairs the encryption results with the previously selected parameter values so as to reconstruct the polynomial implying the shared secret information; and
the shared object substitutes the implied value into the polynomial to reconstruct the shared secret information and grants the user device the rights to the shared object.
19. The method of claim 12, wherein encrypting the pseudo-secret information using the first conference key comprises:
applying a symmetric encryption algorithm to the pseudo-secret information using the first conference key.
20. The method of claim 12, wherein the step of reconstructing, by the shared object or the data server connected to the shared object, the shared secret information using the collected sub-secret data comprises:
when the shared secret information is partitioned into n sub-secret data, the shared object or the data server collects n+1 sub-secret data through the distributed data redundancy network to reconstruct the shared secret information, where n is an integer greater than 2.
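The share-and-reconstruct flow of claims 12, 16 and 17, as an added toy example that is not part of the patent: the polynomial is built over a prime field, an HMAC stands in for the symmetric encryption of the pseudo-secret, and the conference keys, parameter values, implied value and secret are constructed inputs. The server combines its share only after every participant's fresh encryption result matches the stored one, which is one reading of "the quantity required".

```python
import hashlib
import hmac

P = 2**61 - 1  # prime field for the polynomial (constructed choice)

def enc(conference_key: bytes, pseudo: bytes) -> int:
    # Stand-in for the claim-19 symmetric step (assumption): keyed hash as y-value.
    return int.from_bytes(hmac.new(conference_key, pseudo, hashlib.sha256).digest(), "big") % P

def lagrange_eval(points, x):
    # Value at x of the unique polynomial through `points`, mod P.
    total = 0
    for i, (xi, yi) in enumerate(points):
        num = den = 1
        for j, (xj, _) in enumerate(points):
            if i != j:
                num = num * (x - xj) % P
                den = den * (xi - xj) % P
        total = (total + yi * num * pow(den, -1, P)) % P
    return total

def share(secret, implied_x, participant_points, n_shares):
    # Claim 16, data-server side: pass a polynomial through (implied value, secret)
    # and the participants' (parameter, E_k(pseudo)) pairs; emit n_shares more points.
    anchor = [(implied_x, secret)] + participant_points
    taken = {x for x, _ in anchor}
    shares, x = [], 1
    while len(shares) < n_shares:
        if x not in taken:
            shares.append((x, lagrange_eval(anchor, x)))
        x += 1
    return shares

def reconstruct(stored, fresh, shares, implied_x):
    # Claim 17: a fresh result counts only if it equals the stored one; shares are
    # combined once every participant is accepted, then evaluated at implied_x.
    accepted = [(x, y) for x, y in fresh.items() if stored.get(x) == y]
    if len(accepted) < len(stored):
        return None  # "quantity required" not reached: no rights granted
    return lagrange_eval(accepted + shares, implied_x)

def demo():
    secret, implied_x, pseudo = 0xC0FFEE, 7, b"pseudo-secret"  # constructed values
    keys = {"user": b"k2-user-device", "object": b"k3-shared-object"}  # constructed
    xs = {"user": 11, "object": 23}  # the randomly selected parameter values
    stored = {xs[p]: enc(keys[p], pseudo) for p in keys}  # held by the data server
    shares = share(secret, implied_x, list(stored.items()), n_shares=1)
    fresh_bad = {**stored, xs["user"]: enc(b"wrong-key", pseudo)}  # wrong session key
    return (reconstruct(stored, stored, shares, implied_x),
            reconstruct(stored, fresh_bad, shares, implied_x))
```

With one share held by the server and two participants, the degree-2 polynomial needs all three points, so a participant presenting a wrong conference key is rejected at the equality check and the secret is never reconstructed.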
CN201910261890.4A 2019-02-27 2019-04-02 Object sharing system and method Active CN111628861B (en)

Applications Claiming Priority (2)

Application Number Priority Date Filing Date Title
TW108106920A TWI704793B (en) 2019-02-27 2019-02-27 Object sharing system and object sharing method
TW108106920 2019-02-27

Publications (2)

Publication Number Publication Date
CN111628861A true CN111628861A (en) 2020-09-04
CN111628861B CN111628861B (en) 2023-10-17

Also Published As

Publication number Publication date
US20200274698A1 (en) 2020-08-27
TW202032942A (en) 2020-09-01
US11240011B2 (en) 2022-02-01
CN111628861B (en) 2023-10-17
TWI704793B (en) 2020-09-11
